/**
 * Make sure the upload directories for banners and icons exist.
 *
 * Every missing directory is created recursively and then passed to
 * phpbb_chmod() with read/write permissions. mkdir() errors are suppressed
 * and its result is not checked, so this is a best-effort operation.
 *
 * @return null
 */
public function create_directories()
{
	$relative_paths = array(
		'files/ext/ernadoo/phpbbdirectory/banners/',
		'files/ext/ernadoo/phpbbdirectory/icons/',
	);

	foreach ($relative_paths as $relative_path)
	{
		$full_path = $this->phpbb_root_path . $relative_path;

		if (file_exists($full_path))
		{
			continue;
		}

		// 0777 is only the requested mode (the process umask still applies);
		// phpbb_chmod() is then asked for read/write on the new directory.
		@mkdir($full_path, 0777, true);
		phpbb_chmod($full_path, CHMOD_READ | CHMOD_WRITE);
	}
}
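/**
 * Write data to a file below the storage root, under a file lock.
 *
 * The file name is reduced to the characters listed in self::$whitelist
 * (anything else becomes '-') before it is appended to self::get_root().
 * NOTE(review): this only confines the write to the root directory if the
 * whitelist excludes path separators - confirm against its definition.
 *
 * @param string $file Name of the file to write, relative to the root
 * @param string $data Content to store
 * @return bool True if the complete content was written, false if the
 *              storage is disabled, the file could not be opened or the
 *              write failed
 */
public static function write($file, $data)
{
	if (!self::is_enabled())
	{
		return false;
	}

	$file = self::get_root() . preg_replace('{[^' . self::$whitelist . ']}i', '-', $file);

	$lock = new \phpbb\lock\flock($file);
	$lock->acquire();

	$return_value = false;

	if ($handle = @fopen($file, 'wb'))
	{
		// Report success only when every byte was written; a failed or short
		// write used to be reported as success.
		$bytes_written = fwrite($handle, $data);
		$return_value = ($bytes_written !== false && $bytes_written === strlen((string) $data));
		fclose($handle);

		phpbb_chmod($file, CHMOD_READ | CHMOD_WRITE);
	}

	$lock->release();

	return $return_value;
}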
/**
 * @author Michal Nazarewicz (from the php manual)
 * Creates all non-existent directories in a path. The path is always resolved
 * below the current working directory ('.' is prepended).
 *
 * @param string $path Path to create, split on '/'
 * @param mixed $mode Defaults to octdec($config['am_dir_perms']) when empty.
 *                    NOTE(review): the value is never handed to mkdir() or
 *                    phpbb_chmod(); every new directory gets CHMOD_ALL instead -
 *                    confirm that this is intended.
 * @return bool False as soon as a directory could not be created, true otherwise
 */
function recursive_mkdir($path, $mode = false)
{
	if (!$mode)
	{
		global $config;
		$mode = octdec($config['am_dir_perms']);
	}

	$current = '.';

	foreach (explode('/', $path) as $segment)
	{
		$current .= '/' . $segment;

		if (is_dir($current))
		{
			continue;
		}

		@mkdir($current);
		@phpbb_chmod($current, CHMOD_ALL); // PHP needs write permission.

		// mkdir() errors are suppressed, so the result is verified here instead.
		if (!is_dir($current))
		{
			return false;
		}
	}

	return true;
}
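/**
 * Writes the config file to disk, or if unable to do so offers alternative methods
 *
 * The submitted installer data is converted into the text of config.$phpEx.
 * The file is written directly when the target file (or the board root) is
 * writable; otherwise the generated text is offered as a download and the
 * user confirms a manual upload through the "dldone" form field.
 *
 * @param string $mode Installer mode, passed on in the form action URL
 * @param string $sub  Not read by this method
 */
function create_config_file($mode, $sub)
{
	global $lang, $template, $phpbb_root_path, $phpEx;

	$this->page_title = $lang['STAGE_CONFIG_FILE'];

	// Obtain any submitted data
	$data = $this->get_submitted_data();

	if ($data['dbms'] == '')
	{
		// Someone's been silly and tried calling this page direct
		// So we send them back to the start to do it again properly
		$this->p_master->redirect("index.$phpEx?mode=install");
	}

	// NOTE(review): submitted values are placed into HTML attributes as-is. That is only safe
	// if get_submitted_data() returns HTML-escaped strings (the htmlspecialchars_decode() on
	// the password below suggests it does) - confirm. addslashes() is not HTML escaping.
	$s_hidden_fields = ($data['img_imagick']) ? '<input type="hidden" name="img_imagick" value="' . addslashes($data['img_imagick']) . '" />' : '';
	$s_hidden_fields .= '<input type="hidden" name="language" value="' . $data['language'] . '" />';
	$written = false;

	// Create a list of any PHP modules we wish to have loaded
	$load_extensions = array();
	$available_dbms = get_available_dbms($data['dbms']);
	$check_exts = array_merge(array($available_dbms[$data['dbms']]['MODULE']), $this->php_dlls_other);

	foreach ($check_exts as $dll)
	{
		if (!@extension_loaded($dll))
		{
			if (!can_load_dll($dll))
			{
				continue;
			}

			$load_extensions[] = $dll . '.' . PHP_SHLIB_SUFFIX;
		}
	}

	// Create a lock file to indicate that there is an install in progress
	$fp = @fopen($phpbb_root_path . 'cache/install_lock', 'wb');
	if ($fp === false)
	{
		// We were unable to create the lock file - abort
		$this->p_master->error($lang['UNABLE_WRITE_LOCK'], __LINE__, __FILE__);
	}
	else
	{
		// Only close a handle that exists; fclose(false) raises a TypeError on PHP 8.
		@fclose($fp);
	}

	// NOTE(review): 0777 leaves the lock file writable by every local account - confirm
	// that a narrower mode would not be enough here.
	@chmod($phpbb_root_path . 'cache/install_lock', 0777);

	$load_extensions = implode(',', $load_extensions);

	// Time to convert the data provided into a config file
	$config_data = "<?php\n";
	$config_data .= "// phpBB 3.0.x auto-generated configuration file\n// Do not change anything in this file!\n";

	$config_data_array = array(
		'dbms'				=> $available_dbms[$data['dbms']]['DRIVER'],
		'dbhost'			=> $data['dbhost'],
		'dbport'			=> $data['dbport'],
		'dbname'			=> $data['dbname'],
		'dbuser'			=> $data['dbuser'],
		'dbpasswd'			=> htmlspecialchars_decode($data['dbpasswd']),
		'table_prefix'		=> $data['table_prefix'],
		'acm_type'			=> 'file',
		'load_extensions'	=> $load_extensions,
	);

	foreach ($config_data_array as $key => $value)
	{
		// Backslashes are doubled first and single quotes escaped afterwards, so a value
		// cannot terminate the single-quoted PHP string literal it is written into.
		$config_data .= "\${$key} = '" . str_replace("'", "\\'", str_replace('\\', '\\\\', $value)) . "';\n";
	}
	unset($config_data_array);

	$config_data .= "\n@define('PHPBB_INSTALLED', true);\n";
	$config_data .= "// @define('DEBUG', true);\n";
	$config_data .= "// @define('DEBUG_EXTRA', true);\n";
	$config_data .= '?' . '>'; // Done this to prevent highlighting editors getting confused!

	// Attempt to write out the config file directly. If it works, this is the easiest way to do it ...
	if ((file_exists($phpbb_root_path . 'config.' . $phpEx) && is_writable($phpbb_root_path . 'config.' . $phpEx)) || is_writable($phpbb_root_path))
	{
		// fwrite()/fclose() are only reached with a valid handle. Calling them with the
		// false returned by a failed fopen() raises a TypeError on PHP 8, which the
		// @ operator does not suppress, so the download fallback was never reached.
		$fp = @fopen($phpbb_root_path . 'config.' . $phpEx, 'w');

		if ($fp !== false)
		{
			// $written stays false if the write fails ... so we try another method below
			$written = (bool) @fwrite($fp, $config_data);
			@fclose($fp);
		}

		if ($written)
		{
			// We may revert back to chmod() if we see problems with users not able to change their config.php file directly
			phpbb_chmod($phpbb_root_path . 'config.' . $phpEx, CHMOD_READ);
		}
	}

	if (isset($_POST['dldone']))
	{
		// Do a basic check to make sure that the file has been uploaded
		// Note that all we check is that the file has _something_ in it
		// We don't compare the contents exactly - if they can't upload
		// a single file correctly, it's likely they will have other problems....
		if (filesize($phpbb_root_path . 'config.' . $phpEx) > 10)
		{
			$written = true;
		}
	}

	$config_options = array_merge($this->db_config_options, $this->admin_config_options);

	foreach ($config_options as $config_key => $vars)
	{
		if (!is_array($vars))
		{
			continue;
		}

		// Carries every submitted option (database password included) to the next step
		// as a hidden form field.
		$s_hidden_fields .= '<input type="hidden" name="' . $config_key . '" value="' . $data[$config_key] . '" />';
	}

	if (!$written)
	{
		// OK, so it didn't work let's try the alternatives

		if (isset($_POST['dlconfig']))
		{
			// They want a copy of the file to download, so send the relevant headers and dump out the data
			header("Content-Type: text/x-delimtext; name=\"config.$phpEx\"");
			header("Content-disposition: attachment; filename=config.$phpEx");
			echo $config_data;
			exit;
		}

		// The option to download the config file is always available, so output it here
		$template->assign_vars(array(
			'BODY'					=> $lang['CONFIG_FILE_UNABLE_WRITE'],
			'L_DL_CONFIG'			=> $lang['DL_CONFIG'],
			'L_DL_CONFIG_EXPLAIN'	=> $lang['DL_CONFIG_EXPLAIN'],
			'L_DL_DONE'				=> $lang['DONE'],
			'L_DL_DOWNLOAD'			=> $lang['DL_DOWNLOAD'],
			'S_HIDDEN'				=> $s_hidden_fields,
			'S_SHOW_DOWNLOAD'		=> true,
			'U_ACTION'				=> $this->p_master->module_url . "?mode=$mode&sub=config_file",
		));
		return;
	}
	else
	{
		$template->assign_vars(array(
			'BODY'		=> $lang['CONFIG_FILE_WRITTEN'],
			'L_SUBMIT'	=> $lang['NEXT_STEP'],
			'S_HIDDEN'	=> $s_hidden_fields,
			'U_ACTION'	=> $this->p_master->module_url . "?mode=$mode&sub=advanced",
		));
		return;
	}
}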
/**
 * Save queue
 *
 * Merges the entries already stored in the cache file with the pending
 * entries in $this->data and rewrites the cache file as PHP source.
 */
function save()
{
	if (!sizeof($this->data))
	{
		return;
	}

	if (file_exists($this->cache_file))
	{
		// The cache file is PHP code; including it repopulates $this->queue_data
		// through unserialize(), so the file must only ever be writable by the board.
		include($this->cache_file);

		foreach ($this->queue_data as $object => $data_ary)
		{
			$has_pending = isset($this->data[$object]) && sizeof($this->data[$object]);

			// Stored entries come first, pending entries are appended after them.
			$this->data[$object]['data'] = ($has_pending)
				? array_merge($data_ary['data'], $this->data[$object]['data'])
				: $data_ary['data'];
		}
	}

	// NOTE(review): mode 'w' truncates the file before flock() is requested, and the
	// include/merge above runs without any lock, so concurrent saves can lose entries.
	$fp = @fopen($this->cache_file, 'w');

	if (!$fp)
	{
		return;
	}

	$php_source = "<?php\n\$this->queue_data = unserialize(" . var_export(serialize($this->data), true) . ");\n\n?>";

	@flock($fp, LOCK_EX);
	fwrite($fp, $php_source);
	@flock($fp, LOCK_UN);
	fclose($fp);

	phpbb_chmod($this->cache_file, CHMOD_WRITE);
}
/**
 * Move file to destination folder
 *
 * The file is stored as basename($this->realname) inside the destination
 * directory. Nothing is done when errors were recorded before the call.
 *
 * Note for callers: a failed image check only appends to $this->error; the
 * file stays at its destination and the method still returns true, so
 * $this->error has to be inspected after the call. The same applies when the
 * destination file already exists and $overwrite is false: the temporary file
 * is removed, nothing is copied, and processing continues.
 *
 * @param string $destination Destination path, for example $config['avatar_path']
 * @param bool $overwrite If set to true, an already existing file will be overwritten
 * @param bool $skip_image_check If set to true, the getimagesize() based type and dimension checks are skipped
 * @param string $chmod Permission mask for chmodding the file after a successful move. The mode entered here reflects the mode defined by {@link phpbb_chmod()}
 *
 * @return bool False if earlier errors exist, the destination directory is missing or the copy/move failed; true otherwise
 *
 * @access public
 */
function move_file($destination, $overwrite = false, $skip_image_check = false, $chmod = false)
{
	if (sizeof($this->error))
	{
		return false;
	}

	// Default permission mask is read/write
	$chmod = $chmod === false ? CHMOD_READ | CHMOD_WRITE : $chmod;

	// We need to trust the admin in specifying valid upload directories and an attacker not being able to overwrite it...
	$this->destination_path = $destination;

	// Check if the destination path exist...
	if (!file_exists($this->destination_path))
	{
		@unlink($this->filename);
		return false;
	}

	// 'move' is chosen when open_basedir or safe_mode is set, 'copy' otherwise; files flagged as local always use 'local'
	$upload_mode = @ini_get('open_basedir') || @ini_get('safe_mode') || strtolower(@ini_get('safe_mode')) == 'on' ? 'move' : 'copy';
	$upload_mode = $this->local ? 'local' : $upload_mode;

	// basename() drops any directory part of the stored name, so the file cannot land outside the destination directory
	$this->destination_file = $this->destination_path . '/' . basename($this->realname);

	// Check if the file already exist, else there is something wrong...
	if (file_exists($this->destination_file) && !$overwrite)
	{
		@unlink($this->filename);
	}
	else
	{
		if (file_exists($this->destination_file))
		{
			@unlink($this->destination_file);
		}

		// Each mode tries its primary function first and falls back to the other one.
		// NOTE(review): unlike move_uploaded_file(), copy() does not verify that the source
		// is an HTTP upload - this relies on $this->filename being set by trusted code only.
		switch ($upload_mode)
		{
			case 'copy':

				if (!@copy($this->filename, $this->destination_file))
				{
					if (!@move_uploaded_file($this->filename, $this->destination_file))
					{
						$this->error[] = sprintf(phpbb::$user->lang[$this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $this->destination_file);
						return false;
					}
				}

				@unlink($this->filename);

			break;

			case 'move':

				if (!@move_uploaded_file($this->filename, $this->destination_file))
				{
					if (!@copy($this->filename, $this->destination_file))
					{
						$this->error[] = sprintf(phpbb::$user->lang[$this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $this->destination_file);
						return false;
					}
				}

				@unlink($this->filename);

			break;

			case 'local':

				if (!@copy($this->filename, $this->destination_file))
				{
					$this->error[] = sprintf(phpbb::$user->lang[$this->upload->error_prefix . 'GENERAL_UPLOAD_ERROR'], $this->destination_file);
					return false;
				}
				@unlink($this->filename);

			break;
		}

		phpbb_chmod($this->destination_file, $chmod);
	}

	// Try to get real filesize from destination folder
	$this->filesize = (@filesize($this->destination_file)) ? @filesize($this->destination_file) : $this->filesize;

	if ($this->is_image() && !$skip_image_check)
	{
		$this->width = $this->height = 0;

		if (($this->image_info = @getimagesize($this->destination_file)) !== false)
		{
			$this->width = $this->image_info[0];
			$this->height = $this->image_info[1];

			// Prefer the mime type detected from the file content
			if (!empty($this->image_info['mime']))
			{
				$this->mimetype = $this->image_info['mime'];
			}

			// Check image type
			// The detected image type must be known and the file extension must be one listed for that type
			$types = $this->upload->image_types();

			if (!isset($types[$this->image_info[2]]) || !in_array($this->extension, $types[$this->image_info[2]]))
			{
				if (!isset($types[$this->image_info[2]]))
				{
					$this->error[] = sprintf(phpbb::$user->lang['IMAGE_FILETYPE_INVALID'], $this->image_info[2], $this->mimetype);
				}
				else
				{
					$this->error[] = sprintf(phpbb::$user->lang['IMAGE_FILETYPE_MISMATCH'], $types[$this->image_info[2]][0], $this->extension);
				}
			}

			// Make sure the dimensions match a valid image
			if (empty($this->width) || empty($this->height))
			{
				$this->error[] = phpbb::$user->lang['ATTACHED_IMAGE_NOT_IMAGE'];
			}
		}
		else
		{
			$this->error[] = phpbb::$user->lang['UNABLE_GET_IMAGE_SIZE'];
		}
	}

	$this->file_moved = true;
	$this->additional_checks();
	unset($this->upload);

	return true;
}
/**
 * Save queue
 *
 * While holding a lock on the cache file, the entries already stored there are
 * merged with the pending entries in $this->data and the file is rewritten as
 * PHP source. The pending entries are cleared once the file has been written.
 */
function save()
{
	if (!sizeof($this->data))
	{
		return;
	}

	$lock = new \phpbb\lock\flock($this->cache_file);
	$lock->acquire();

	if (file_exists($this->cache_file))
	{
		// The cache file is PHP code; including it repopulates $this->queue_data
		// through unserialize(), so the file must only ever be writable by the board.
		include($this->cache_file);

		foreach ($this->queue_data as $object => $data_ary)
		{
			$has_pending = isset($this->data[$object]) && sizeof($this->data[$object]);

			if (!$has_pending)
			{
				$this->data[$object]['data'] = $data_ary['data'];
				continue;
			}

			// Stored entries come first, pending entries are appended after them.
			$this->data[$object]['data'] = array_merge($data_ary['data'], $this->data[$object]['data']);
		}
	}

	$fp = @fopen($this->cache_file, 'w');

	if ($fp)
	{
		// The IN_PHPBB guard makes the file exit immediately when it is requested directly.
		$php_source = "<?php\nif (!defined('IN_PHPBB')) exit;\n\$this->queue_data = unserialize(" . var_export(serialize($this->data), true) . ");\n\n?>";

		fwrite($fp, $php_source);
		fclose($fp);

		phpbb_chmod($this->cache_file, CHMOD_READ | CHMOD_WRITE);

		$this->data = array();
	}

	$lock->release();
}
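/**
 * function set_template
 * Updates or creates the designated template file
 *
 * Nothing is returned; a file that cannot be opened for writing is skipped
 * silently.
 *
 * NOTE(review): $template_file and an explicit $template_path are appended to
 * the destination as given; only the default language taken from the user
 * record goes through basename(). Callers presumably pass trusted values -
 * confirm, since a '../' in either one would move the write elsewhere.
 *
 * @param string $template_data Content to write
 * @param string $template_file File name of the template
 * @param optional string $template_lang Language directory, defaults to the user's language
 * @param optional string $template_path Target directory, defaults to the language's email directory
 * @return null
 */
function set_template($template_data, $template_file, $template_lang = '', $template_path = '')
{
	global $phpbb_root_path, $user;

	if (!trim($template_file))
	{
		// The message used to name get_template(), which sent readers to the wrong method.
		trigger_error('invite->set_template(): No template file set.', E_USER_ERROR);
	}

	$template_lang = (!trim($template_lang)) ? basename($user->data['user_lang']) : $template_lang;
	$template_path = (!trim($template_path)) ? "{$phpbb_root_path}language/{$template_lang}/email/" : $template_path;

	$destination = $template_path . $template_file;

	if ($fp = @fopen($destination, 'wb'))
	{
		// NOTE(review): 'wb' truncates the file before the lock is requested.
		@flock($fp, LOCK_EX);
		@fwrite($fp, $template_data);
		@flock($fp, LOCK_UN);
		@fclose($fp);

		phpbb_chmod($destination, CHMOD_READ | CHMOD_WRITE);
	}
}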
/**
 * Write compiled file to cache directory
 *
 * The cache file name is the template file name with every '/' replaced by
 * '.', placed in the template's cache path and given the PHP extension.
 * A file that cannot be opened is skipped silently.
 *
 * @param string $handle Template handle used to look up the file name
 * @param string $data Compiled template code
 * @access private
 */
function compile_write($handle, $data)
{
	global $phpEx;

	$flat_name = str_replace('/', '.', $this->template->filename[$handle]);
	$filename = $this->template->cachepath . $flat_name . '.' . $phpEx;

	$fp = @fopen($filename, 'wb');

	if (!$fp)
	{
		return;
	}

	// NOTE(review): 'wb' truncates the file before the lock is requested, so a
	// concurrent include can see an empty or partial file.
	@flock($fp, LOCK_EX);
	@fwrite($fp, $data);
	@flock($fp, LOCK_UN);
	@fclose($fp);

	phpbb_chmod($filename, CHMOD_WRITE);

	return;
}
/**
 * Display results
 *
 * Display the results from the previous command, or you may enter your own command/result if you would like.
 *
 * Every result other than the SUCCESS language string is also appended to a
 * text file in umil/error_files/. A new file starts with the PHP version, the
 * DBMS server info and the phpBB version.
 * NOTE(review): if that directory can be requested over HTTP these files
 * disclose environment details - confirm that access to it is denied.
 *
 * @param string $command The command you would like shown (leave blank to use the last command saved in $this->command)
 * @param string $result The result you would like shown (leave blank to use the last result saved in $this->result)
 */
function display_results($command = '', $result = '')
{
	global $config, $template, $user, $phpbb_root_path;

	// Fall back to the stored values, then translate through the language array when a key matches
	$command = ($command) ? $command : $this->command;
	$command = (isset($user->lang[$command])) ? $user->lang[$command] : $command;
	$result = ($result) ? $result : $this->result;
	$result = (isset($user->lang[$result])) ? $user->lang[$result] : $result;

	$this->results = true;

	if ($result != $user->lang['SUCCESS'])
	{
		// Check if the umil/error_files/ is writable
		if (!is_writable("{$phpbb_root_path}umil/error_files/"))
		{
			phpbb_chmod("{$phpbb_root_path}umil/error_files/", CHMOD_ALL);
		}

		// Hopefully it is writable now.  If not there is nothing we can do.
		if (is_writable("{$phpbb_root_path}umil/error_files/"))
		{
			if ($this->errors == false)
			{
				$this->errors = true;

				// Setting up an error recording file
				// NOTE(review): the file name is built from $this->title without filtering;
				// presumably the title is set by the MOD author, not by a visitor - confirm.
				$append = 0;
				$this->error_file = "{$phpbb_root_path}umil/error_files/" . strtolower($this->title) . '.txt';
				while (file_exists($this->error_file))
				{
					$this->error_file = "{$phpbb_root_path}umil/error_files/" . strtolower($this->title) . $append . '.txt';
					$append++;
				}
			}

			if (file_exists($this->error_file) && filesize($this->error_file))
			{
				// Continue an existing log: read it back so the new entry can be appended
				$fp = fopen($this->error_file, 'rb');
				$contents = fread($fp, filesize($this->error_file));
				fclose($fp);
				phpbb_chmod($this->error_file, CHMOD_ALL);
			}
			else
			{
				// New log: start with a header describing the environment
				$contents = ((isset($user->lang[$this->title])) ? $user->lang[$this->title] : $this->title) . "\n";
				$contents .= 'PHP Version: ' . phpversion() . "\n";
				$contents .= 'DBMS: ' . $this->db->sql_server_info() . "\n";
				$contents .= 'phpBB3 Version: ' . $config['version'] . "\n\n";
			}

			$contents .= "{$command}\n{$result}\n\n";

			// The fopen() results in this block are not checked before use
			$fp = fopen($this->error_file, 'wb');
			fwrite($fp, $contents);
			fclose($fp);
			phpbb_chmod($this->error_file, CHMOD_ALL);
		}
		else
		{
			$this->errors = true;
		}
	}

	// Failures are always shown; successes only when force_display_results is set
	if ($result != $user->lang['SUCCESS'] || $this->force_display_results == true)
	{
		$template->assign_block_vars('results', array(
			'COMMAND'	=> $command,
			'RESULT'	=> $result,
			'S_SUCCESS'	=> ($result == $user->lang['SUCCESS']) ? true : false,
		));
	}
}
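/**
 * Writes the config file to disk, or if unable to do so offers alternative methods
 *
 * The text of config.$phpEx comes from phpbb_create_config_file_data(). The
 * file is written directly when the target file (or the board root) is
 * writable; otherwise the generated text is offered as a download and the
 * user confirms a manual upload through the "dldone" form field.
 *
 * @param string $mode Installer mode, passed on in the form action URL
 * @param string $sub  Not read by this method
 */
function create_config_file($mode, $sub)
{
	global $lang, $template, $phpbb_root_path, $phpEx;

	$this->page_title = $lang['STAGE_CONFIG_FILE'];

	// Obtain any submitted data
	$data = $this->get_submitted_data();

	if ($data['dbms'] == '')
	{
		// Someone's been silly and tried calling this page direct
		// So we send them back to the start to do it again properly
		$this->p_master->redirect("index.{$phpEx}?mode=install");
	}

	// NOTE(review): submitted values are placed into HTML attributes as-is. That is only safe
	// if get_submitted_data() returns HTML-escaped strings - confirm. addslashes() is not
	// HTML escaping.
	$s_hidden_fields = ($data['img_imagick']) ? '<input type="hidden" name="img_imagick" value="' . addslashes($data['img_imagick']) . '" />' : '';
	$s_hidden_fields .= '<input type="hidden" name="language" value="' . $data['language'] . '" />';
	$written = false;

	// Create a list of any PHP modules we wish to have loaded
	$available_dbms = get_available_dbms($data['dbms']);

	// Create a lock file to indicate that there is an install in progress
	$fp = @fopen($phpbb_root_path . 'cache/install_lock', 'wb');
	if ($fp === false)
	{
		// We were unable to create the lock file - abort
		$this->p_master->error($lang['UNABLE_WRITE_LOCK'], __LINE__, __FILE__);
	}
	else
	{
		// Only close a handle that exists; fclose(false) raises a TypeError on PHP 8.
		@fclose($fp);
	}

	// NOTE(review): 0777 leaves the lock file writable by every local account - confirm
	// that a narrower mode would not be enough here.
	@chmod($phpbb_root_path . 'cache/install_lock', 0777);

	// Time to convert the data provided into a config file
	$config_data = phpbb_create_config_file_data($data, $available_dbms[$data['dbms']]['DRIVER']);

	// Attempt to write out the config file directly. If it works, this is the easiest way to do it ...
	if ((file_exists($phpbb_root_path . 'config.' . $phpEx) && phpbb_is_writable($phpbb_root_path . 'config.' . $phpEx)) || phpbb_is_writable($phpbb_root_path))
	{
		// fwrite()/fclose() are only reached with a valid handle. Calling them with the
		// false returned by a failed fopen() raises a TypeError on PHP 8, which the
		// @ operator does not suppress, so the download fallback was never reached.
		$fp = @fopen($phpbb_root_path . 'config.' . $phpEx, 'w');

		if ($fp !== false)
		{
			// $written stays false if the write fails ... so we try another method below
			$written = (bool) @fwrite($fp, $config_data);
			@fclose($fp);
		}

		if ($written)
		{
			// We may revert back to chmod() if we see problems with users not able to change their config.php file directly
			phpbb_chmod($phpbb_root_path . 'config.' . $phpEx, CHMOD_READ);
		}
	}

	if (isset($_POST['dldone']))
	{
		// Do a basic check to make sure that the file has been uploaded
		// Note that all we check is that the file has _something_ in it
		// We don't compare the contents exactly - if they can't upload
		// a single file correctly, it's likely they will have other problems....
		if (filesize($phpbb_root_path . 'config.' . $phpEx) > 10)
		{
			$written = true;
		}
	}

	$config_options = array_merge($this->db_config_options, $this->admin_config_options);

	foreach ($config_options as $config_key => $vars)
	{
		if (!is_array($vars))
		{
			continue;
		}

		// Carries every submitted option (database password included) to the next step
		// as a hidden form field.
		$s_hidden_fields .= '<input type="hidden" name="' . $config_key . '" value="' . $data[$config_key] . '" />';
	}

	if (!$written)
	{
		// OK, so it didn't work let's try the alternatives

		if (isset($_POST['dlconfig']))
		{
			// They want a copy of the file to download, so send the relevant headers and dump out the data
			header("Content-Type: text/x-delimtext; name=\"config.{$phpEx}\"");
			header("Content-disposition: attachment; filename=config.{$phpEx}");
			echo $config_data;
			exit;
		}

		// The option to download the config file is always available, so output it here
		$template->assign_vars(array(
			'BODY'					=> $lang['CONFIG_FILE_UNABLE_WRITE'],
			'L_DL_CONFIG'			=> $lang['DL_CONFIG'],
			'L_DL_CONFIG_EXPLAIN'	=> $lang['DL_CONFIG_EXPLAIN'],
			'L_DL_DONE'				=> $lang['DONE'],
			'L_DL_DOWNLOAD'			=> $lang['DL_DOWNLOAD'],
			'S_HIDDEN'				=> $s_hidden_fields,
			'S_SHOW_DOWNLOAD'		=> true,
			'U_ACTION'				=> $this->p_master->module_url . "?mode={$mode}&sub=config_file",
		));
		return;
	}
	else
	{
		$template->assign_vars(array(
			'BODY'		=> $lang['CONFIG_FILE_WRITTEN'],
			'L_SUBMIT'	=> $lang['NEXT_STEP'],
			'S_HIDDEN'	=> $s_hidden_fields,
			'U_ACTION'	=> $this->p_master->module_url . "?mode={$mode}&sub=advanced",
		));
		return;
	}
}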
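/**
 * Make a directory recursively (from functions_compress)
 *
 * Walks the path segment by segment and creates every directory that does not
 * exist yet. Creation errors are suppressed, so this is a best-effort
 * operation. Empty segments (doubled or trailing slashes) are skipped.
 *
 * @param string $target_filename The target directory we wish to have
 */
function titania_mkdir_recursive($target_filename)
{
	if (is_dir($target_filename))
	{
		return;
	}

	// Keep the leading slash of an absolute path. Without it '/var/x' was rebuilt as
	// the relative path 'var/x' and created below the current working directory.
	$str = (substr($target_filename, 0, 1) === '/') ? '/' : '';

	// Create and folders and subfolders if they do not exist
	foreach (explode('/', $target_filename) as $folder)
	{
		$folder = trim($folder);

		// Compare against '' explicitly: a directory named '0' is falsy and was skipped.
		if ($folder === '')
		{
			continue;
		}

		$str = ($str === '' || $str === '/') ? $str . $folder : $str . '/' . $folder;

		if (!is_dir($str))
		{
			// 0777 is only the requested mode (the process umask still applies);
			// phpbb_chmod() is then asked for read/write on the new directory.
			@mkdir($str, 0777);
			phpbb_chmod($str, CHMOD_READ | CHMOD_WRITE);
		}
	}
}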
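/**
 * Rebuild the board's config file from database settings posted to this page.
 *
 * Without a submission, or when validation fails, the repair form is printed
 * and the script exits. With a valid submission the settings are tested against
 * the database and written to config.PHP_EXT; if the file cannot be written its
 * content (database password included) is printed so it can be copied by hand.
 *
 * Changes compared to the previous version:
 * - posted values are HTML-escaped before they are echoed back into the form,
 *   and non-string values (e.g. dbhost[]=x) are ignored;
 * - fwrite()/fclose() are only called on a successfully opened handle;
 * - stray whitespace after inline PHP tags inside attribute values is gone,
 *   so the submitted "dbms" value matches the keys of get_available_dbms().
 *
 * NOTE(review): this method performs no permission check itself; presumably
 * the caller restricts who can reach the repair page - confirm.
 */
function repair()
{
	global $critical_repair, $user;

	$critical_repair->user_setup($user);

	include(PHPBB_ROOT_PATH . 'includes/functions_install.' . PHP_EXT);
	include(STK_ROOT_PATH . 'includes/functions.' . PHP_EXT);

	$available_dbms = get_available_dbms();
	$error = array();

	// Defaults; each one is replaced by the posted value when that value is a string.
	$data = array(
		'dbms'			=> '',
		'dbhost'		=> '',
		'dbport'		=> '',
		'dbname'		=> '',
		'dbuser'		=> '',
		'dbpasswd'		=> '',
		'table_prefix'	=> 'phpbb_',
	);

	foreach (array_keys($data) as $field)
	{
		if (isset($_POST[$field]) && is_string($_POST[$field]))
		{
			$data[$field] = $_POST[$field];
		}
	}

	if (isset($_POST['submit']))
	{
		if (!isset($available_dbms[$data['dbms']]))
		{
			$error[] = $user->lang['CONFIG_REPAIR_NO_DBMS'];
		}
		else
		{
			// NOTE(review): the values come straight from $_POST, so htmlspecialchars_decode()
			// alters a password that literally contains an entity such as "&amp;" - confirm
			// that the request data is HTML-escaped before it reaches this method.
			$connect_test = $this->critical_connect_check_db($user, true, $error, $available_dbms[$data['dbms']], $data['table_prefix'], $data['dbhost'], $data['dbuser'], htmlspecialchars_decode($data['dbpasswd']), $data['dbname'], $data['dbport']);
			if (!$connect_test)
			{
				$error[] = $user->lang['CONFIG_REPAIR_CONNECT_FAIL'];
			}
		}
	}

	if (isset($_POST['submit']) && empty($error))
	{
		// Time to convert the data provided into a config file
		$config_data = "<?php\n";
		$config_data .= "// phpBB 3.1.x auto-generated configuration file\n// Do not change anything in this file!\n";

		$config_data_array = array(
			'dbms'						=> $available_dbms[$data['dbms']]['DRIVER'],
			'dbhost'					=> $data['dbhost'],
			'dbport'					=> $data['dbport'],
			'dbname'					=> $data['dbname'],
			'dbuser'					=> $data['dbuser'],
			'dbpasswd'					=> htmlspecialchars_decode($data['dbpasswd']),
			'table_prefix'				=> $data['table_prefix'],
			'phpbb_adm_relative_path'	=> 'adm/',
			'acm_type'					=> 'phpbb\\cache\\driver\\file',
		);

		foreach ($config_data_array as $key => $value)
		{
			// Backslashes are doubled first and single quotes escaped afterwards, so a value
			// cannot terminate the single-quoted PHP string literal it is written into.
			$config_data .= "\${$key} = '" . str_replace("'", "\\'", str_replace('\\', '\\\\', $value)) . "';\n";
		}
		unset($config_data_array);

		$config_data .= "\n@define('PHPBB_INSTALLED', true);\n";
		$config_data .= "// @define('PHPBB_DISPLAY_LOAD_TIME', true);\n";
		$config_data .= "// @define('DEBUG', true);\n";
		$config_data .= "// @define('DEBUG_CONTAINER', true);\n";
		$config_data .= '?' . '>'; // Done this to prevent highlighting editors getting confused!

		// A failed fopen() returns false; passing that to fwrite()/fclose() raises a TypeError
		// on PHP 8 (not suppressed by @), which skipped the manual-copy fallback below.
		$written = false;
		$fp = @fopen(PHPBB_ROOT_PATH . 'config.' . PHP_EXT, 'w');

		if ($fp !== false)
		{
			$written = (bool) @fwrite($fp, $config_data);
			@fclose($fp);
		}

		if ($written)
		{
			// We may revert back to chmod() if we see problems with users not able to change their config.php file directly
			if (!function_exists('phpbb_chmod'))
			{
				include(PHPBB_ROOT_PATH . 'includes/functions.' . PHP_EXT);
			}
			phpbb_chmod(PHPBB_ROOT_PATH . 'config.' . PHP_EXT, CHMOD_READ);
		}
		else
		{
			// Fallback: show the generated file, escaped for HTML, so it can be copied by hand.
			header('Content-type: text/html; charset=UTF-8');
			echo $user->lang['CONFIG_REPAIR_WRITE_ERROR'];
			echo nl2br(htmlspecialchars($config_data));
			exit;
		}
	}
	else
	{
		header('Content-type: text/html; charset=UTF-8');
		?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
<head>
	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
	<meta http-equiv="content-style-type" content="text/css" />
	<meta http-equiv="imagetoolbar" content="no" />
	<title>Config Repair - Support Toolkit</title>
	<link href="<?php echo STK_ROOT_PATH; ?>style/style.css" rel="stylesheet" type="text/css" media="screen" />
	<link href="<?php echo STK_ROOT_PATH; ?>style/erk_style.css" rel="stylesheet" type="text/css" media="screen" />
</head>
<body id="errorpage">
	<div id="wrap">
		<div id="page-header"> </div>
		<div id="page-body">
			<div id="acp">
				<div class="panel">
					<span class="corners-top"><span></span></span>
					<div id="content">
						<h1><?php echo $user->lang['CONFIG_REPAIR']; ?></h1>
						<br />
						<p> <?php echo $user->lang['CONFIG_REPAIR_EXPLAIN']; ?> </p>
						<form id="stk" method="post" action="<?php echo STK_ROOT_PATH . 'erk.' . PHP_EXT; ?>" name="support_tool_kit">
							<fieldset>
								<?php if (!empty($error)) { /* NOTE(review): entries are printed unescaped; messages appended by critical_connect_check_db() may echo submitted values - confirm they are escaped there. */ ?>
								<div class="errorbox">
									<h3>Error</h3>
									<p><?php echo implode('<br />', $error); ?></p>
								</div>
								<?php } ?>
								<dl>
									<dt><label for="dbms"><?php echo $user->lang['DBMS']; ?>:</label></dt>
									<dd><select name="dbms">
										<?php foreach (get_available_dbms() as $dbms => $dbms_data) { ?>
										<option value="<?php echo $dbms; ?>"<?php if ($data['dbms'] == $dbms) { echo ' selected="selected"'; } ?>><?php echo $dbms_data['LABEL']; ?>
										<?php } ?>
									</select></dd>
								</dl>
								<dl>
									<dt><label for="dbhost"><?php echo $user->lang['DB_HOST']; ?>:</label><br /><span class="explain"><?php echo $user->lang['DB_HOST_EXPLAIN']; ?></span></dt>
									<dd><input id="dbhost" type="text" value="<?php echo htmlspecialchars($data['dbhost'], ENT_QUOTES, 'UTF-8'); ?>" name="dbhost" maxlength="100" size="25"/></dd>
								</dl>
								<dl>
									<dt><label for="dbport"><?php echo $user->lang['DB_PORT']; ?>:</label><br /><span class="explain"><?php echo $user->lang['DB_PORT_EXPLAIN']; ?></span></dt>
									<dd><input id="dbport" type="text" value="<?php echo htmlspecialchars($data['dbport'], ENT_QUOTES, 'UTF-8'); ?>" name="dbport" maxlength="100" size="25"/></dd>
								</dl>
								<dl>
									<dt><label for="dbname"><?php echo $user->lang['DB_NAME']; ?>:</label></dt>
									<dd><input id="dbname" type="text" value="<?php echo htmlspecialchars($data['dbname'], ENT_QUOTES, 'UTF-8'); ?>" name="dbname" maxlength="100" size="25"/></dd>
								</dl>
								<dl>
									<dt><label for="dbuser"><?php echo $user->lang['DB_USERNAME']; ?>:</label></dt>
									<dd><input id="dbuser" type="text" value="<?php echo htmlspecialchars($data['dbuser'], ENT_QUOTES, 'UTF-8'); ?>" name="dbuser" maxlength="100" size="25"/></dd>
								</dl>
								<dl>
									<dt><label for="dbpasswd"><?php echo $user->lang['DB_PASSWORD']; ?>:</label></dt>
									<dd><input id="dbpasswd" type="password" value="" name="dbpasswd" maxlength="100" size="25"/></dd>
								</dl>
								<dl>
									<dt><label for="table_prefix"><?php echo $user->lang['TABLE_PREFIX']; ?>:</label></dt>
									<dd><input id="table_prefix" type="text" value="<?php echo htmlspecialchars($data['table_prefix'], ENT_QUOTES, 'UTF-8'); ?>" name="table_prefix" maxlength="100" size="25"/></dd>
								</dl>
								<p class="submit-buttons">
									<input class="button1" type="submit" id="submit" name="submit" value="<?php echo $user->lang['SUBMIT']; ?>" />
									<input class="button2" type="reset" id="reset" name="reset" value="<?php echo $user->lang['CANCEL']; ?>" />
								</p>
							</fieldset>
						</form>
					</div>
					<span class="corners-bottom"><span></span></span>
				</div>
			</div>
		</div>
		<div id="page-footer">
			Support Toolkit for phpBB3.1.x ©</a><br />
			Powered by <a href="http://www.phpbb.com/">phpBB</a>® Forum Software © phpBB Group - adaptation for phpBB3.1.x by © Sheer
		</div>
	</div>
</body>
</html>
		<?php
		exit;
	}
}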
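/**
 * Recursively delete a file or a directory tree.
 *
 * Entries that cannot be removed on the first attempt are given CHMOD_ALL and
 * tried once more. The directory in $this->mods_dir is emptied but never
 * removed itself.
 *
 * Changes compared to the previous version:
 * - a symbolic link is removed as a link; the tree it points to is neither
 *   entered nor chmod'ed, so deleting a directory cannot affect files
 *   outside of it;
 * - an unreadable directory (scandir() failure) is reported as a failure
 *   instead of being iterated;
 * - emptying the protected MODs directory returns true instead of null, which
 *   callers testing the result treated as a failure.
 *
 * @param string $dir File or directory to delete
 * @return bool True on success or if the path does not exist, false otherwise
 */
function directory_delete($dir)
{
	if (is_link($dir))
	{
		return unlink($dir);
	}

	if (!file_exists($dir))
	{
		return true;
	}

	if (!is_dir($dir) && is_file($dir))
	{
		phpbb_chmod($dir, CHMOD_ALL);
		return unlink($dir);
	}

	$items = scandir($dir);

	if ($items === false)
	{
		return false;
	}

	foreach ($items as $item)
	{
		if ($item == '.' || $item == '..')
		{
			continue;
		}

		$child = $dir . "/" . $item;

		if (!$this->directory_delete($child))
		{
			// Widen the permissions and give it one more try
			phpbb_chmod($child, CHMOD_ALL);

			if (!$this->directory_delete($child))
			{
				return false;
			}
		}
	}

	// Make sure we don't delete the MODs directory
	if ($dir != $this->mods_dir)
	{
		return rmdir($dir);
	}

	return true;
}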
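/**
 * Copy the reference index.htm into the language root and its acp/ and mods/
 * sub-directories, creating mods/ first when it is missing.
 *
 * The reference file is read once instead of once per target. A target that
 * cannot be opened is skipped; previously the false returned by fopen() was
 * passed on to fwrite()/fclose(), which raises a TypeError on PHP 8.
 *
 * @param string $lang_root_path Language pack root, with trailing slash
 * @param string $reference_path Root of the reference installation, without trailing slash
 */
private function add_htm_files($lang_root_path, $reference_path)
{
	$htm_files = array('', 'acp/', 'mods/');

	if (!is_dir($lang_root_path . 'mods'))
	{
		mkdir($lang_root_path . 'mods');
		phpbb_chmod($lang_root_path . 'mods', CHMOD_READ | CHMOD_WRITE);
	}

	$index_contents = file_get_contents($reference_path . '/language/en/index.htm');

	if ($index_contents === false)
	{
		// Same outcome as before: the targets are still created, but empty.
		$index_contents = '';
	}

	foreach ($htm_files as $htm_file)
	{
		$res = fopen($lang_root_path . $htm_file . 'index.htm', 'w');

		if ($res === false)
		{
			continue;
		}

		fwrite($res, $index_contents);
		fclose($res);
	}
}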
/**
 * Uploads a file to server
 *
 * The outcome is stored in $this->filedata (errors under 'error', file details
 * such as size, mime type and checksum on success).
 *
 * @return bool True if the file was stored, false otherwise (see $this->filedata['error'])
 */
public function upload_file()
{
	$this->filedata = array(
		'error'			=> array(),
		'post_attach'	=> $this->is_valid($this->form_name),
	);

	if (!$this->filedata['post_attach'])
	{
		$this->filedata['error'][] = phpbb::$user->lang['NO_UPLOAD_FORM_FOUND'];
		return false;
	}

	// Only extension groups with a configured allow-list can be uploaded to
	if (!isset(titania::$config->upload_allowed_extensions[$this->ext_group]))
	{
		$this->filedata['error'][] = phpbb::$user->lang['NO_UPLOAD_FORM_FOUND'];
		return false;
	}

	$this->set_allowed_extensions(titania::$config->upload_allowed_extensions[$this->ext_group]);

	$file = $this->form_upload($this->form_name);

	if ($file->init_error)
	{
		$this->filedata['post_attach'] = false;
		return false;
	}

	// Set max file size for anyone but team members.
	if (titania::$access_level != TITANIA_ACCESS_TEAMS)
	{
		if (isset(titania::$config->upload_max_filesize[$this->ext_group]))
		{
			$this->set_max_filesize(titania::$config->upload_max_filesize[$this->ext_group]);
		}
		else
		{
			$this->set_max_filesize(phpbb::$config['max_filesize']);
		}
	}

	// The stored name is generated ('unique' mode) and prefixed with the uploader's user id
	$file->clean_filename('unique', phpbb::$user->data['user_id'] . '_');

	// Move files into their own directory depending on the extension group assigned.  Should keep at least some of it organized.
	if (!isset(titania::$config->upload_directory[$this->ext_group]))
	{
		$this->filedata['error'][] = phpbb::$user->lang['NO_UPLOAD_FORM_FOUND'];
		return false;
	}

	$move_dir = titania::$config->upload_directory[$this->ext_group];

	if (!file_exists(titania::$config->upload_path . $move_dir))
	{
		// Not recursive, and the result of mkdir() is not checked.
		// NOTE(review): the new upload directory is given CHMOD_ALL - confirm that read/write
		// would not be enough.
		@mkdir(titania::$config->upload_path . $move_dir);
		phpbb_chmod(titania::$config->upload_path . $move_dir, CHMOD_ALL);
	}

	// Arguments: no overwrite, image check skipped (third argument true)
	$file->move_file(titania::$config->upload_path . $move_dir, false, true);

	if (!empty($file->error))
	{
		$file->remove();
		$this->filedata['error'] = array_merge($this->filedata['error'], $file->error);
		$this->filedata['post_attach'] = false;

		return false;
	}

	$this->filedata['filesize'] = $file->get('filesize');
	$this->filedata['mimetype'] = $file->get('mimetype');
	$this->filedata['extension'] = $file->get('extension');
	$this->filedata['is_image'] = $file->is_image();
	$this->filedata['physical_filename'] = $file->get('realname');
	$this->filedata['attachment_directory'] = $move_dir;
	$this->filedata['real_filename'] = $file->get('uploadname');
	$this->filedata['filetime'] = time();
	// MD5 is adequate for spotting accidental corruption; it does not protect against
	// deliberately crafted collisions.
	$this->filedata['md5_checksum'] = md5_file($file->get('destination_file'));

	// Check free disk space
	// This runs after the file has been moved; the file is removed again when space has run out.
	if ($free_space = @disk_free_space(titania::$config->upload_path))
	{
		if ($free_space <= $file->get('filesize'))
		{
			$this->filedata['error'][] = phpbb::$user->lang['ATTACH_QUOTA_REACHED'];
			$this->filedata['post_attach'] = false;

			$file->remove();

			return false;
		}
	}

	// Yippe!! File uploaded with no problems...
	return true;
}
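/**
 * Write cache data to a specified file (IP Version)
 *
 * The cache entry is written as PHP source that is executed when the cache is
 * read back, so everything placed into it must be a safe literal.
 *
 * Changes compared to the previous version:
 * - $expires is cast to int before it is written into the generated code of
 *   the SQL and generic branches; it used to be concatenated verbatim;
 * - the emptiness test on $data no longer calls sizeof() on non-countable
 *   values (the default null raises a TypeError on PHP 8). Results are the
 *   same as before: null counts as empty, any other scalar as non-empty.
 *
 * NOTE(review): $filename is appended to the cache folder as given - it is
 * presumably generated internally; confirm it can never contain '../'.
 *
 * @access private
 * @param string $filename Filename to write
 * @param mixed $data Data to store
 * @param int $expires Timestamp when the data expires
 * @param string $query Query when caching SQL queries
 * @param string $cache_folder Cache folder, checked through validate_cache_folder()
 * @return bool True if the file was successfully created, otherwise false
 */
function _write_ip($filename, $data = null, $expires = 0, $query = '', $cache_folder = '')
{
	$cache_folder = $this->validate_cache_folder($cache_folder, false, false);
	$file = $cache_folder . $filename . '.' . PHP_EXT;

	// NOTE(review): 'wb' truncates the file before the lock is requested, so a concurrent
	// include can see an empty or partial file.
	if ($fp = @fopen($file, 'wb'))
	{
		@flock($fp, LOCK_EX);

		// The IN_ICYPHOENIX guard makes the file exit immediately when it is requested directly
		$file_content = "<" . "?php\nif (!defined('IN_ICYPHOENIX')) exit;\n\n";
		$file_content .= "\$created = " . time() . "; // " . gmdate('Y/m/d - H:i:s') . "\n";

		if ($filename == 'data_global')
		{
			$file_content .= "\n\$this->vars = " . var_export($data, true) . ";\n";
			$file_content .= "\n\$this->var_expires = " . var_export($expires, true) . ";\n";
		}
		elseif (!empty($query))
		{
			// The comment terminator inside the query is broken up so the query text
			// cannot end the comment and continue as code.
			$file_content .= "/* " . str_replace('*/', '*\\/', $query) . " */\n";
			$file_content .= "\$expired = (time() >= " . (int) $expires . ") ? true : false;\nif (\$expired) { return; }\n";
			$file_content .= "\n\$this->sql_rowset[\$this->sql_query_id] = " . (sizeof($this->sql_rowset[$this->sql_query_id]) ? "unserialize(" . var_export(serialize($this->sql_rowset[$this->sql_query_id]), true) . ");" : 'array();') . "\n";
		}
		else
		{
			$has_data = (is_array($data) || $data instanceof Countable) ? (sizeof($data) > 0) : ($data !== null);

			$file_content .= "\$expired = (time() >= " . (int) $expires . ") ? true : false;\nif (\$expired) { return; }\n";
			$file_content .= "\n\$data = " . ($has_data ? "unserialize(" . var_export(serialize($data), true) . ");" : 'array();') . "\n";
		}

		$file_content .= "\n?" . ">";

		fwrite($fp, $file_content);
		@flock($fp, LOCK_UN);
		fclose($fp);

		if (!function_exists('phpbb_chmod'))
		{
			include(IP_ROOT_PATH . 'includes/functions.' . PHP_EXT);
		}

		phpbb_chmod($file, CHMOD_WRITE);

		return true;
	}
	else
	{
		return false;
	}
}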
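/**
 * Config repair: rebuild config.php from database settings posted through the
 * form that this same function renders.
 *
 * On a valid submission the settings are tested with critical_connect_check_db()
 * and written to config.php; if the file cannot be written its contents are
 * printed for manual copying and the script exits. Without a submission, or
 * when validation fails, the form is printed and the script exits.
 *
 * NOTE(review): nothing in this function authenticates the requester or checks
 * a form token before config.php is rewritten - confirm the caller restricts
 * who can reach it.
 */
function repair()
{
    include PHPBB_ROOT_PATH . 'includes/functions_install.' . PHP_EXT;

    $available_dbms = get_available_dbms();
    $error = array();

    $data = array(
        'dbms' => isset($_POST['dbms']) ? $_POST['dbms'] : '',
        'dbhost' => isset($_POST['dbhost']) ? $_POST['dbhost'] : '',
        'dbport' => isset($_POST['dbport']) ? $_POST['dbport'] : '',
        'dbname' => isset($_POST['dbname']) ? $_POST['dbname'] : '',
        'dbuser' => isset($_POST['dbuser']) ? $_POST['dbuser'] : '',
        'dbpasswd' => isset($_POST['dbpasswd']) ? $_POST['dbpasswd'] : '',
        'table_prefix' => isset($_POST['table_prefix']) ? $_POST['table_prefix'] : 'phpbb_',
    );

    if (isset($_POST['submit'])) {
        if (!isset($available_dbms[$data['dbms']])) {
            $error[] = 'Database Connection not available.';
        } else {
            $connect_test = $this->critical_connect_check_db(true, $error, $available_dbms[$data['dbms']], $data['table_prefix'], $data['dbhost'], $data['dbuser'], htmlspecialchars_decode($data['dbpasswd']), $data['dbname'], $data['dbport']);
            if (!$connect_test) {
                $error[] = 'Database Connection failed.';
            }
        }
    }

    if (isset($_POST['submit']) && empty($error)) {
        // Time to convert the data provided into a config file
        $config_data = "<?php\n";
        $config_data .= "// phpBB 3.0.x auto-generated configuration file\n// Do not change anything in this file!\n";

        $config_data_array = array(
            'dbms' => $available_dbms[$data['dbms']]['DRIVER'],
            'dbhost' => $data['dbhost'],
            'dbport' => $data['dbport'],
            'dbname' => $data['dbname'],
            'dbuser' => $data['dbuser'],
            'dbpasswd' => htmlspecialchars_decode($data['dbpasswd']),
            'table_prefix' => $data['table_prefix'],
            'acm_type' => 'file',
            'load_extensions' => '',
        );

        foreach ($config_data_array as $key => $value) {
            // Values land inside single-quoted PHP strings: backslashes are escaped first,
            // then quotes, so a posted value cannot terminate the literal.
            $config_data .= "\${$key} = '" . str_replace("'", "\\'", str_replace('\\', '\\\\', $value)) . "';\n";
        }
        unset($config_data_array);

        $config_data .= "\n@define('PHPBB_INSTALLED', true);\n";
        $config_data .= "// @define('DEBUG', true);\n";
        $config_data .= "// @define('DEBUG_EXTRA', true);\n";
        $config_data .= '?' . '>'; // Done this to prevent highlighting editors getting confused!

        // Only write and close when the file could actually be opened; the old code
        // passed a failed fopen() result on to fwrite() and fclose().
        $written = false;
        $fp = @fopen(PHPBB_ROOT_PATH . 'config.' . PHP_EXT, 'w');
        if ($fp) {
            $written = (bool) @fwrite($fp, $config_data);
            @fclose($fp);
        }

        if ($written) {
            // We may revert back to chmod() if we see problems with users not able to change their config.php file directly
            phpbb_chmod(PHPBB_ROOT_PATH . 'config.' . PHP_EXT, CHMOD_READ);
        } else {
            header('Content-type: text/html; charset=UTF-8');
            echo 'ERROR: Could not write config file. Please copy the text below, put it in a file named config.php, and place it in the root directory of your forum.<br /><br />';
            echo nl2br(htmlspecialchars($config_data));
            exit;
        }
    } else {
        // The form echoes the posted values back. They are request data, so they are
        // HTML-escaped before being placed inside attribute values.
        $form_values = array();
        foreach ($data as $key => $value) {
            $form_values[$key] = htmlspecialchars(is_scalar($value) ? (string) $value : '', ENT_QUOTES, 'UTF-8');
        }

        // NOTE(review): $error is printed as HTML below. The two messages set here are
        // fixed strings; whether critical_connect_check_db() adds text that needs
        // escaping cannot be seen from this function - confirm.
        header('Content-type: text/html; charset=UTF-8');
        ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta http-equiv="content-style-type" content="text/css" />
<meta http-equiv="imagetoolbar" content="no" />
<title>Config Repair - Support Toolkit</title>
<link href="<?php echo STK_ROOT_PATH; ?>style/style.css" rel="stylesheet" type="text/css" media="screen" />
<link href="<?php echo STK_ROOT_PATH; ?>style/erk_style.css" rel="stylesheet" type="text/css" media="screen" />
</head>
<body id="errorpage">
<div id="wrap">
	<div id="page-header">
	</div>
	<div id="page-body">
		<div id="acp">
			<div class="panel">
				<span class="corners-top"><span></span></span>
				<div id="content">
					<h1>Config Repair</h1>
					<br />
					<p>
						Through this tool you can regenerate your configuration file.
					</p>
					<form id="stk" method="post" action="<?php echo STK_ROOT_PATH . 'index.' . PHP_EXT; ?>" name="support_tool_kit">
						<fieldset>
							<?php if (!empty($error)) { ?>
							<div class="errorbox">
								<h3>Error</h3>
								<p><?php echo implode('<br />', $error); ?></p>
							</div>
							<?php } ?>
							<dl>
								<dt><label for="dbms">Database type:</label></dt>
								<dd><select name="dbms">
									<?php foreach (get_available_dbms() as $dbms => $dbms_data) { ?>
									<option value="<?php echo $dbms; ?>"<?php if ($data['dbms'] == $dbms) { echo ' selected="selected"'; } ?>><?php echo $dbms_data['LABEL']; ?>
									<?php } ?>
								</select></dd>
							</dl>
							<dl>
								<dt><label for="dbhost">Database server hostname or DSN:</label><br /><span class="explain">DSN stands for Data Source Name and is relevant only for ODBC installs.</span></dt>
								<dd><input id="dbhost" type="text" value="<?php echo $form_values['dbhost']; ?>" name="dbhost" maxlength="100" size="25"/></dd>
							</dl>
							<dl>
								<dt><label for="dbport">Database server port:</label><br /><span class="explain">Leave this blank unless you know the server operates on a non-standard port.</span></dt>
								<dd><input id="dbport" type="text" value="<?php echo $form_values['dbport']; ?>" name="dbport" maxlength="100" size="25"/></dd>
							</dl>
							<dl>
								<dt><label for="dbname">Database name:</label></dt>
								<dd><input id="dbname" type="text" value="<?php echo $form_values['dbname']; ?>" name="dbname" maxlength="100" size="25"/></dd>
							</dl>
							<dl>
								<dt><label for="dbuser">Database username:</label></dt>
								<dd><input id="dbuser" type="text" value="<?php echo $form_values['dbuser']; ?>" name="dbuser" maxlength="100" size="25"/></dd>
							</dl>
							<dl>
								<dt><label for="dbpasswd">Database password:</label></dt>
								<dd><input id="dbpasswd" type="password" value="" name="dbpasswd" maxlength="100" size="25"/></dd>
							</dl>
							<dl>
								<dt><label for="table_prefix">Prefix for tables in database:</label></dt>
								<dd><input id="table_prefix" type="text" value="<?php echo $form_values['table_prefix']; ?>" name="table_prefix" maxlength="100" size="25"/></dd>
							</dl>
							<p class="submit-buttons">
								<input class="button1" type="submit" id="submit" name="submit" value="Submit" />
								<input class="button2" type="reset" id="reset" name="reset" value="Reset" />
							</p>
						</fieldset>
					</form>
				</div>
				<span class="corners-bottom"><span></span></span>
			</div>
		</div>
	</div>
	<div id="page-footer">
		Powered by phpBB © 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>
	</div>
</div>
</body>
</html>
<?php
        exit;
    }
}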
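/**
 * write_cache( ) will write the cached file and keep backups.
 *
 * The previous file is copied to "<file>.old" before writing and the new one
 * to "<file>.current" afterwards. For every type except 'htaccess' the file is
 * PHP source guarded by an IN_PHPBB check.
 *
 * @param string $type Key into $phpbb_seo->cache_config['files'] ('forum', 'htaccess' or an additional type)
 * @return bool True when the file was written, false when caching is disabled,
 *              the type is unknown, or the file could not be opened or written
 */
function write_cache($type = 'forum')
{
    global $phpbb_seo;

    // Parentheses spell out the precedence the original relied on (&& before ||).
    if (!$phpbb_seo->cache_config['cache_enable']
        || (!@is_array($phpbb_seo->cache_config[$type]) && $type != 'htaccess')
        || !array_key_exists($type, $phpbb_seo->cache_config['files'])
    ) {
        return false;
    }

    $cache_tpl = '<' . '?php' . "\n" . '/**' . "\n" . '* phpBB_SEO Class' . "\n" . '* www.phpBB-SEO.com' . "\n" . '* @package Advanced phpBB3 SEO mod Rewrite' . "\n" . '*/' . "\n" . 'if (!defined(\'IN_PHPBB\')) {' . "\n\t" . 'exit;' . "\n" . '}' . "\n";

    if ($type == 'forum') {
        // Add the phpbb_seo_config
        $update = '$this->cache_config[\'settings\'] = ' . preg_replace('`[\\s]+`', ' ', var_export($phpbb_seo->cache_config['settings'], true)) . ';' . "\n";
        $update .= '$this->cache_config[\'forum\'] = ' . preg_replace('`[\\s]+`', ' ', var_export($phpbb_seo->cache_config['forum'], true)) . ';' . "\n";
        $update = $cache_tpl . $update . '?' . '>';
    } elseif ($type == 'htaccess') {
        // .htaccess case
        $update = $this->seo_htaccess(false);
    } else {
        // Allow additional types. The key is emitted with var_export() so that it is
        // always a quoted PHP literal in the generated source; for plain names the
        // output is the same as before.
        $update = '$this->cache_config[' . var_export($type, true) . '] = ' . preg_replace('`[\\s]+`', ' ', var_export($phpbb_seo->cache_config[$type], true)) . ';' . "\n";
        $update = $cache_tpl . $update . '?' . '>';
    }

    $file = SEO_CACHE_PATH . $phpbb_seo->cache_config['files'][$type];

    // Keep a backup of the previous settings
    @copy($file, $file . '.old');

    // Report a failed open or write instead of returning true for a file that was never written.
    $handle = @fopen($file, 'wb');
    if ($handle === false) {
        return false;
    }
    $bytes = @fputs($handle, $update);
    @fclose($handle);
    unset($update);

    if ($bytes === false) {
        return false;
    }

    // NOTE(review): this clears the process umask and never restores it, so files
    // created later in the same request are no longer masked - confirm that is intended.
    @umask(00);
    phpbb_chmod($file, CHMOD_READ | CHMOD_WRITE);

    // Keep a backup of the current settings
    @copy($file, $file . '.current');

    return true;
}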
/**
 * Original copyright information for the function from AutoMOD.
 * The function was almost totally changed by the authors of Upload Extensions.
 * @package automod
 * @copyright (c) 2008 phpBB Group
 * @license http://opensource.org/licenses/gpl-2.0.php GNU Public License
 *
 * Prepares the ext/, zip and tmp directories and then receives an extension
 * package either from the 'extupload' form field or from a remote URL.
 * Only files with the extension "zip" are accepted by the uploader.
 *
 * @param string $action Requested action ('upload' or 'upload_remote').
 * @return \filespec|bool The uploaded file, or false when a precondition failed
 *                        or the action is neither of the two handled values.
 */
public function proceed_upload($action)
{
    global $phpbb_root_path, $phpEx, $user, $request;

    $user->add_lang('posting'); // For error messages

    if (!class_exists('\\fileupload')) {
        include $phpbb_root_path . 'includes/functions_upload.' . $phpEx;
    }

    $upload = new \fileupload();
    $upload->set_allowed_extensions(array('zip')); // Only allow ZIP files

    $ext_dir = $phpbb_root_path . 'ext';
    $tmp_dir = $phpbb_root_path . 'ext/' . objects::$upload_ext_name . '/tmp';

    // Make sure the ext/ directory exists and if it doesn't, create it
    if (!is_dir($ext_dir) && !files::catch_errors(files::recursive_mkdir($ext_dir))) {
        return false;
    }

    if (!is_writable($ext_dir)) {
        files::catch_errors($user->lang['EXT_NOT_WRITABLE']);
        return false;
    }

    if (!is_dir(objects::$zip_dir) && !files::catch_errors(files::recursive_mkdir(objects::$zip_dir))) {
        return false;
    }

    // The tmp directory is only re-permissioned when it is not already writable.
    if (!is_writable($tmp_dir) && !phpbb_chmod($tmp_dir, CHMOD_READ | CHMOD_WRITE)) {
        files::catch_errors($user->lang['EXT_TMP_NOT_WRITABLE']);
        return false;
    }

    // Proceed with the upload
    if ($action == 'upload') {
        if (!$request->is_set("extupload", \phpbb\request\request_interface::FILES)) {
            files::catch_errors($user->lang['NO_UPLOAD_FILE']);
            return false;
        }

        return $upload->form_upload('extupload');
    }

    if ($action == 'upload_remote') {
        $php_ini = new \phpbb\php\ini();
        if (!$php_ini->get_bool('allow_url_fopen')) {
            files::catch_errors($user->lang['EXT_ALLOW_URL_FOPEN_DISABLED']);
            return false;
        }

        // NOTE(review): the URL comes straight from the request and the only check made
        // here is the https/openssl one. Whether files::remote_upload() restricts the
        // scheme and the destination host cannot be seen from this function - confirm.
        $remote_url = $request->variable('remote_upload', '');
        $wants_https = ('https' === substr($remote_url, 0, 5));
        if (!extension_loaded('openssl') && $wants_https) {
            files::catch_errors($user->lang['EXT_OPENSSL_DISABLED']);
            return false;
        }

        return files::remote_upload($upload, $user, $remote_url);
    }

    return false;
}
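/**
 * Create Thumbnail
 *
 * Tries ImageMagick's convert first (when $config['img_imagick'] is set and
 * passthru() exists) and falls back to GD. No thumbnail is made when the
 * source is not larger than $config['img_min_thumb_filesize'], when its
 * dimensions cannot be read, or when the computed size is not smaller than
 * the original.
 *
 * @param string $source Path of the image to read
 * @param string $destination Path the thumbnail is written to
 * @param string $mimetype Not used by this function
 * @return bool True when $destination exists afterwards, false otherwise
 */
function create_thumbnail($source, $destination, $mimetype)
{
    global $config;

    $min_filesize = (int) $config['img_min_thumb_filesize'];
    $img_filesize = file_exists($source) ? @filesize($source) : false;

    if (!$img_filesize || $img_filesize <= $min_filesize) {
        return false;
    }

    $dimension = @getimagesize($source);
    if ($dimension === false) {
        return false;
    }

    list($width, $height, $type, ) = $dimension;
    if (empty($width) || empty($height)) {
        return false;
    }

    list($new_width, $new_height) = get_img_size_format($width, $height);

    // Do not create a thumbnail if the resulting width/height is bigger than the original one
    if ($new_width >= $width && $new_height >= $height) {
        return false;
    }

    $used_imagick = false;

    // Only use imagemagick if defined and the passthru function not disabled
    if ($config['img_imagick'] && function_exists('passthru')) {
        // Work on a local copy so the shared $config entry is not rewritten on every call.
        $imagick_path = $config['img_imagick'];
        if (substr($imagick_path, -1) !== '/') {
            $imagick_path .= '/';
        }

        $binary = 'convert' . ((defined('PHP_OS') && preg_match('#^win#i', PHP_OS)) ? '.exe' : '');

        // Both paths are passed as single shell arguments via escapeshellarg(); wrapping
        // them in double quotes alone does not stop quotes or shell metacharacters in a
        // path from being interpreted. The geometry is forced to integers for the same reason.
        $command = escapeshellcmd($imagick_path) . $binary
            . ' -quality 85 -geometry ' . (int) $new_width . 'x' . (int) $new_height
            . ' ' . escapeshellarg(str_replace('\\', '/', $source))
            . ' ' . escapeshellarg(str_replace('\\', '/', $destination));

        @passthru($command);

        if (file_exists($destination)) {
            $used_imagick = true;
        }
    }

    if (!$used_imagick) {
        $type = get_supported_image_types($type);

        if (!$type['gd']) {
            return false;
        }

        // If the type is not supported, we are not able to create a thumbnail
        if ($type['format'] === false) {
            return false;
        }

        switch ($type['format']) {
            case IMG_GIF:
                $image = @imagecreatefromgif($source);
                break;
            case IMG_JPG:
                @ini_set('gd.jpeg_ignore_warning', 1);
                $image = @imagecreatefromjpeg($source);
                break;
            case IMG_PNG:
                $image = @imagecreatefrompng($source);
                break;
            case IMG_WBMP:
                $image = @imagecreatefromwbmp($source);
                break;
        }

        // Also covers a format that matched none of the cases above.
        if (empty($image)) {
            return false;
        }

        if ($type['version'] == 1) {
            $new_image = imagecreate($new_width, $new_height);
            if ($new_image === false) {
                imagedestroy($image);
                return false;
            }
            imagecopyresized($new_image, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
        } else {
            $new_image = imagecreatetruecolor($new_width, $new_height);
            if ($new_image === false) {
                imagedestroy($image);
                return false;
            }
            // Preserve alpha transparency (png for example)
            @imagealphablending($new_image, false);
            @imagesavealpha($new_image, true);
            imagecopyresampled($new_image, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
        }

        // If we are in safe mode create the destination file prior to using the gd functions to circumvent a PHP bug
        if (@ini_get('safe_mode') || @strtolower(ini_get('safe_mode')) == 'on') {
            @touch($destination);
        }

        switch ($type['format']) {
            case IMG_GIF:
                imagegif($new_image, $destination);
                break;
            case IMG_JPG:
                imagejpeg($new_image, $destination, 90);
                break;
            case IMG_PNG:
                imagepng($new_image, $destination);
                break;
            case IMG_WBMP:
                imagewbmp($new_image, $destination);
                break;
        }

        // Release both images; the source image was previously never freed.
        imagedestroy($new_image);
        imagedestroy($image);
    }

    if (!file_exists($destination)) {
        return false;
    }

    phpbb_chmod($destination, CHMOD_READ | CHMOD_WRITE);

    return true;
}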
/**
 * Store a compiled template in the template cache path.
 *
 * The cache file name is the template file name with every "/" replaced by
 * ".", followed by the PHP extension. The compiled code is prefixed with an
 * IN_PHPBB guard so the file exits when it is requested directly instead of
 * being included. A failure to open the file is ignored.
 *
 * @access private
 * @param string $handle Template handle; index into $this->template->filename
 * @param string $data Compiled template code
 * @return void
 */
function compile_write($handle, $data)
{
    global $phpEx;

    $flat_name = str_replace('/', '.', $this->template->filename[$handle]);
    $filename = $this->template->cachepath . $flat_name . '.' . $phpEx;

    $guard = "<?php if (!defined('IN_PHPBB')) exit;";
    if (strpos($data, '<?php') === 0) {
        // Compiled code already opens a PHP block: merge the guard into it.
        $data = $guard . substr($data, 5);
    } else {
        // Otherwise close the guard block before the template output starts.
        $data = $guard . ' ?>' . $data;
    }

    $fp = @fopen($filename, 'wb');
    if (!$fp) {
        return;
    }

    @flock($fp, LOCK_EX);
    @fwrite($fp, $data);
    @flock($fp, LOCK_UN);
    @fclose($fp);

    phpbb_chmod($filename, CHMOD_READ | CHMOD_WRITE);

    return;
}
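/**
 * Make a directory recursively (from functions_compress)
 *
 * @param string $target_filename The target directory we wish to have
 * @param bool $check_minimum_directory When true the path must pass
 *        check_filesystem_path() before anything is created
 * @return bool False when the path check fails or a directory could not be
 *              created, true otherwise
 */
public function mkdir_recursive($target_filename, $check_minimum_directory = true)
{
    $target_filename = (substr($target_filename, -1) == '/') ? $target_filename : $target_filename . '/';

    // Some simple file protection to prevent getting out of the titania root
    if ($check_minimum_directory && !$this->check_filesystem_path($target_filename)) {
        return false;
    }

    if (is_dir($target_filename)) {
        return true;
    }

    // The path is rebuilt segment by segment. Remember a leading slash, otherwise an
    // absolute target would be recreated relative to the working directory.
    $is_absolute = (strpos($target_filename, '/') === 0);
    $path = '';

    // Create folders and subfolders if they do not exist
    foreach (explode('/', $target_filename) as $folder) {
        $folder = trim($folder);
        if ($folder === '') {
            continue;
        }

        if ($path !== '') {
            $path .= '/' . $folder;
        } else {
            $path = $is_absolute ? '/' . $folder : $folder;
        }

        if (!is_dir($path)) {
            // mkdir() asks for 0777; phpbb_chmod() then sets the permissions phpBB wants.
            @mkdir($path, 0777);

            // Report the failure instead of returning true for a directory that does not exist.
            if (!is_dir($path)) {
                return false;
            }

            phpbb_chmod($path, CHMOD_READ | CHMOD_WRITE);
        }
    }

    return true;
}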
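/**
 * check_cache_folder Validates the cache folder status
 *
 * When the folder exists but is not reported writable, phpbb_chmod() is tried
 * and a probe file is created inside the folder to confirm write access.
 *
 * @param string $cache_dir Cache folder path; trailing slashes are ignored
 * @param bool $msg True to return an HTML status message, false to return a boolean
 * @return string|bool HTML status block when $msg is true, otherwise true only
 *                     when the folder exists and is writable
 */
function check_cache_folder($cache_dir, $msg = true)
{
    global $user;

    $exists = $write = false;
    $cache_dir = rtrim($cache_dir, '/');

    if (file_exists($cache_dir) && is_dir($cache_dir)) {
        $exists = true;

        if (is_writeable($cache_dir)) {
            $write = true;
        } else {
            phpbb_chmod($cache_dir, CHMOD_READ | CHMOD_WRITE);

            // The probe has to live inside the folder. The trailing slash was stripped
            // above, so it is added back here, and the same path is removed afterwards.
            // The old code created "<dir>test_lock" next to the folder and tried to
            // delete a path built from undefined variables.
            $probe = $cache_dir . '/test_lock';
            $fp = @fopen($probe, 'wb');
            if ($fp !== false) {
                $write = true;
                @fclose($fp);
                @unlink($probe);
            }
        }
    }

    if (!$msg) {
        return $exists && $write;
    }

    // Separate variables for the markup: reusing $exists for the HTML made the
    // "exists" test below always true, so the unwritable notice was shown even
    // for a folder that was not found.
    $exists_msg = $exists ? '<b style="color:green">' . $user->lang['SEO_CACHE_FOUND'] . '</b>' : '<b style="color:red">' . $user->lang['SEO_CACHE_NOT_FOUND'] . '</b>';

    if ($write) {
        $write_msg = '<br/> <b style="color:green">' . $user->lang['SEO_CACHE_WRITABLE'] . '</b>';
    } else {
        $write_msg = $exists ? '<br/> <b style="color:red">' . $user->lang['SEO_CACHE_UNWRITABLE'] . '</b>' : '';
    }

    // NOTE(review): $cache_dir is placed in the HTML unescaped - presumably it only ever
    // comes from configuration; confirm.
    $cache_msg = sprintf($user->lang['SEO_CACHE_STATUS'], $cache_dir) . '<br/>' . $exists_msg . $write_msg;

    return '<br/><br/><b>' . $user->lang['SEO_CACHE_FILE_TITLE'] . ':</b><ul>' . $cache_msg . '</ul><br/>';
}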
/**
 * Check that an upload directory is usable, optionally creating it first.
 *
 * Exactly one message is appended to $error for the first check that fails:
 * the path is missing, it is not a directory, or it is not writable.
 *
 * @param array $error Error list, appended to by reference
 * @param string $upload_dir Directory relative to $phpbb_root_path
 * @param bool $create_directory Try to create the directory when it is missing
 * @return void
 */
function test_upload(&$error, $upload_dir, $create_directory = false)
{
    global $user, $phpbb_root_path;

    $full_path = $phpbb_root_path . $upload_dir;

    if ($create_directory && !file_exists($full_path)) {
        // mkdir() asks for 0777 here; phpbb_chmod() is applied right after.
        @mkdir($full_path, 0777);
        phpbb_chmod($full_path, CHMOD_READ | CHMOD_WRITE);
    }

    // Does the target directory exist, is it a directory and writable.
    if (!file_exists($full_path)) {
        $problem = 'NO_UPLOAD_DIR';
    } elseif (!is_dir($full_path)) {
        $problem = 'UPLOAD_NOT_DIR';
    } elseif (!is_writable($full_path)) {
        $problem = 'NO_WRITE_UPLOAD';
    } else {
        return;
    }

    $error[] = sprintf($user->lang[$problem], $upload_dir);
    return;
}
/**
 * Cache the rows of an SQL result in a PHP file named after the query's md5.
 *
 * All rows are fetched into $this->sql_rowset, the result is freed, and
 * $query_result is replaced by the internal query id. The cache file holds the
 * query as a comment, an expiry check and the serialised rowset. Nothing
 * happens when the cache file cannot be opened.
 *
 * @param string $query SQL text; runs of whitespace are collapsed before hashing
 * @param mixed $query_result Result handle, replaced by the cache query id (by reference)
 * @param int $ttl Lifetime in seconds, added to the current time
 * @return void
 */
function sql_save($query, &$query_result, $ttl)
{
    global $db, $phpEx;

    // Remove extra spaces and tabs
    $query = preg_replace('/[\\n\\r\\s\\t]+/', ' ', $query);
    $filename = $this->cache_dir . 'sql_' . md5($query) . '.' . $phpEx;

    $fp = @fopen($filename, 'wb');
    if (!$fp) {
        return;
    }

    @flock($fp, LOCK_EX);

    $query_id = sizeof($this->sql_rowset);
    $this->sql_rowset[$query_id] = array();
    $this->sql_row_pointer[$query_id] = 0;

    while ($row = $db->sql_fetchrow($query_result)) {
        $this->sql_rowset[$query_id][] = $row;
    }
    $db->sql_freeresult($query_result);

    // The query is stored only as a comment; its comment terminator is neutralised so it cannot close it.
    $file = "<?php\n\n/* " . str_replace('*/', '*\\/', $query) . " */\n";
    $file .= "\n\$expired = (time() > " . (time() + $ttl) . ") ? true : false;\nif (\$expired) { return; }\n";

    // Row data is embedded as a var_export()ed string, so it is never parsed as code.
    if (sizeof($this->sql_rowset[$query_id])) {
        $rowset_code = "unserialize(" . var_export(serialize($this->sql_rowset[$query_id]), true) . ");";
    } else {
        $rowset_code = 'array();';
    }

    fwrite($fp, $file . "\n\$this->sql_rowset[\$query_id] = " . $rowset_code . "\n\n?>");
    @flock($fp, LOCK_UN);
    fclose($fp);

    // phpbb_chmod() may not be loaded yet at this point.
    if (!function_exists('phpbb_chmod')) {
        global $phpbb_root_path;
        include $phpbb_root_path . 'includes/functions.' . $phpEx;
    }

    phpbb_chmod($filename, CHMOD_WRITE);

    $query_result = $query_id;
}
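/**
 * Extract archive
 *
 * Reads the archive in 512-byte blocks and, for every "ustar" header, creates
 * the directory (type 5) or writes the regular file (type 0) below $dst.
 * Headers of any other type are skipped, so nothing is created for them.
 *
 * Entry names come from the archive and are treated as untrusted: an entry
 * whose name contains a ".." path segment is refused, because "$dst . name"
 * would otherwise resolve to a location outside $dst.
 *
 * @param string $dst Destination prefix; the entry name is appended as-is
 * @return void
 */
function extract($dst)
{
    $fzread = ($this->isbz && function_exists('bzread')) ? 'bzread' : (($this->isgz && @extension_loaded('zlib')) ? 'gzread' : 'fread');

    // Run through the file and grab directory entries
    while ($buffer = $fzread($this->fp, 512)) {
        $tmp = unpack('A6magic', substr($buffer, 257, 6));
        if (trim($tmp['magic']) != 'ustar') {
            continue;
        }

        $tmp = unpack('A100name', $buffer);
        $filename = trim($tmp['name']);

        $tmp = unpack('Atype', substr($buffer, 156, 1));
        $filetype = (int) trim($tmp['type']);

        $tmp = unpack('A12size', substr($buffer, 124, 12));
        $filesize = octdec((int) trim($tmp['size']));

        $is_directory = ($filetype == 5);
        $is_file = !$is_directory && $filesize >= 0 && ($filetype == 0 || $filetype == "");

        if (!$is_directory && !$is_file) {
            continue;
        }

        // Grab the file contents first. The data blocks (padded to 512 bytes) have to be
        // consumed even when the entry is refused below, or the next header read would
        // land in the middle of this entry's data.
        $contents = '';
        if ($is_file && $filesize) {
            $contents = $fzread($this->fp, ($filesize + 511) & ~511);
        }

        // Refuse names that climb out of $dst. Backslashes are normalised first
        // because they act as path separators on Windows.
        if (in_array('..', explode('/', str_replace('\\', '/', $filename)), true)) {
            trigger_error('Archive entry refused: its path contains a ".." segment');
            continue;
        }

        $target_filename = "{$dst}{$filename}";

        // Some archivers are punks, they don't properly order the folders in their archives!
        // So the parent folders are created for files as well as for directory entries.
        $directory = $is_directory ? $target_filename : pathinfo($target_filename, PATHINFO_DIRNAME);

        if (!$is_directory || !is_dir($target_filename)) {
            $str = '';

            // Create folders and subfolders if they do not exist
            foreach (explode('/', $directory) as $folder) {
                $folder = trim($folder);
                if (!$folder) {
                    continue;
                }

                $str = !empty($str) ? $str . '/' . $folder : $folder;

                if (!is_dir($str)) {
                    if (!@mkdir($str, 0777)) {
                        trigger_error("Could not create directory {$folder}");
                    }
                    phpbb_chmod($str, CHMOD_READ | CHMOD_WRITE);
                }
            }
        }

        if ($is_directory) {
            continue;
        }

        // Write out the files
        if (!($fp = fopen($target_filename, 'wb'))) {
            trigger_error("Couldn't create file {$filename}");
            // Without a handle there is nothing to write; move on to the next entry.
            continue;
        }
        phpbb_chmod($target_filename, CHMOD_READ);

        fwrite($fp, $contents, $filesize);
        fclose($fp);
    }
}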
/**
 * Write cache data to a specified file
 *
 * Every cache file starts with a header that makes PHP exit at once, so the
 * serialised payload after it is not executed if the file is requested directly.
 *
 * 'data_global' is a special case and the generated format is different for this file:
 * <code>
 * <?php exit; ?>
 * (expiration)
 * (length of var and serialised data)
 * (var)
 * (serialised data)
 * ... (repeat)
 * </code>
 *
 * The other files have a similar format:
 * <code>
 * <?php exit; ?>
 * (expiration)
 * (query) [SQL files only]
 * (length of serialised data)
 * (serialised data)
 * </code>
 *
 * For 'data_global' the entries are taken from $this->vars and
 * $this->var_expires; the $data and $expires arguments are not used.
 *
 * @access private
 * @param string $filename Filename to write
 * @param mixed $data Data to store
 * @param int $expires Timestamp when the data expires
 * @param string $query Query when caching SQL queries
 * @return bool True if the file was successfully created, otherwise false
 */
function _write($filename, $data = null, $expires = 0, $query = '')
{
    global $phpEx;

    $file = "{$this->cache_dir}{$filename}.{$phpEx}";

    $lock = new \phpbb\lock\flock($file);
    $lock->acquire();

    $handle = @fopen($file, 'wb');
    if (!$handle) {
        $lock->release();
        return false;
    }

    // File header
    fwrite($handle, '<' . '?php exit; ?' . '>');

    if ($filename == 'data_global') {
        // Global data is a different format
        foreach ($this->vars as $var => $value) {
            $has_line_break = (strpos($var, "\r") !== false || strpos($var, "\n") !== false);
            if ($has_line_break) {
                // CR/LF would cause fgets() to read the cache file incorrectly
                // do not cache test entries, they probably won't be read back
                // the cache keys should really be alphanumeric with a few symbols.
                continue;
            }

            $serialized = serialize($value);

            // Write out the expiration time
            fwrite($handle, "\n" . $this->var_expires[$var] . "\n");

            // Length of the remaining data for this var (ignoring two LF's)
            fwrite($handle, strlen($serialized . $var) . "\n");
            fwrite($handle, $var . "\n");
            fwrite($handle, $serialized);
        }
    } else {
        fwrite($handle, "\n" . $expires . "\n");

        // Only files whose name starts with "sql_" carry the query line.
        if (strpos($filename, 'sql_') === 0) {
            fwrite($handle, $query . "\n");
        }

        $serialized = serialize($data);
        fwrite($handle, strlen($serialized) . "\n");
        fwrite($handle, $serialized);
    }

    fclose($handle);

    // phpbb_chmod() may not be loaded yet at this point.
    if (!function_exists('phpbb_chmod')) {
        global $phpbb_root_path;
        include $phpbb_root_path . 'includes/functions.' . $phpEx;
    }

    phpbb_chmod($file, CHMOD_READ | CHMOD_WRITE);

    $lock->release();

    return true;
}
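/**
 * Receive an uploaded avatar, move it into the avatar directory and resize it
 * when it exceeds $this->max_size.
 *
 * When the image is still larger than the configured avatar maximum, the file
 * is moved to the edit directory and the request is redirected to the crop route.
 *
 * @param array $row Avatar row; 'id' and 'avatar' are read
 * @return array|bool Avatar name, width and height, or false when the upload failed
 */
public function avatar_upload_resize($row)
{
    if (!class_exists('fileupload')) {
        include $this->phpbb_root_path . 'includes/functions_upload.' . $this->php_ext;
    }

    $upload = new \fileupload(
        'AVATAR_',
        $this->allowed_extensions,
        $this->config['avatar_filesize'],
        $this->config['avatar_min_width'],
        $this->config['avatar_min_height'],
        $this->config['avatar_upload_max_width'],
        $this->config['avatar_upload_max_height'],
        isset($this->config['mime_triggers']) ? explode('|', $this->config['mime_triggers']) : false
    );

    $file = $upload->form_upload('avatar_upload_file', $this->mimetype_guesser);

    $prefix = $this->config['avatar_salt'] . '_';
    $file->clean_filename('avatar', $prefix, $row['id']);

    // If there was an error during upload, then abort operation
    // (the errors were previously copied into a local variable that nothing read)
    if (sizeof($file->error)) {
        $file->remove();
        return false;
    }

    // Calculate new destination
    $destination = $this->config['avatar_path'];

    // Adjust destination path (no trailing slash)
    if (substr($destination, -1, 1) == '/' || substr($destination, -1, 1) == '\\') {
        $destination = substr($destination, 0, -1);
    }

    // Strip relative segments and refuse an absolute path, so the avatar
    // directory stays below the board root.
    $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);
    if ($destination && ($destination[0] == '/' || $destination[0] == "\\")) {
        $destination = '';
    }

    $destination_file = $this->phpbb_root_path . $destination . '/' . $prefix . $row['id'] . '.' . $file->get('extension');

    $file->move_file($destination, true);

    if (sizeof($file->error)) {
        $file->remove();
        trigger_error(implode('<br />', $file->error));
    }

    // Delete current avatar if not overwritten
    $ext = substr(strrchr($row['avatar'], '.'), 1);
    if ($ext && $ext !== $file->get('extension')) {
        $this->delete($row);
    }

    if ($file->width > $this->max_size || $file->height > $this->max_size) {
        $avatar_info = $this->resize(array('w' => $file->width, 'h' => $file->height, 'ext' => $file->extension), $destination, $destination_file);

        /** New file width & height */
        $file->width = $avatar_info['avatar_width'];
        $file->height = $avatar_info['avatar_height'];
    }

    if ($file->width > $this->config['avatar_max_width'] || $file->height > $this->config['avatar_max_height']) {
        $destination_edit_file = $this->phpbb_root_path . $this->d_edit . '/' . $row['id'] . '.' . $file->get('extension');
        rename($destination_file, $destination_edit_file);

        // The file has to stay writable for the crop step. This used to be
        // phpbb_chmod(CHMOD_READ) followed by chmod(0666), which left an uploaded file
        // world-writable. Asking phpbb_chmod() for read and write access follows the
        // convention used for other PHP-written files and avoids hard-coding 0666.
        phpbb_chmod($destination_edit_file, CHMOD_READ | CHMOD_WRITE);

        redirect($this->helper->route("bb3mobi_AvatarUpload_crop", array('avatar_id' => $row['id'], 'ext' => $file->extension)), false, true);
    }

    return array(
        'avatar' => $row['id'] . '_' . time() . '.' . $file->get('extension'),
        'avatar_width' => $file->width,
        'avatar_height' => $file->height,
    );
}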
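/**
 * ACP entry point for MOD management.
 *
 * Makes sure store/mods exists, derives the per-MOD working directories from
 * the requested mod_path, then handles either the 'config' mode (write/FTP
 * settings form) or the 'frontend' mode (install, uninstall, details, delete,
 * upload and download actions). Any other mode does nothing.
 *
 * @param mixed  $id   Module id; not used by the code in this method
 * @param string $mode 'config' or 'frontend'
 * @return void
 */
function main($id, $mode)
{
	global $config, $db, $user, $auth, $template, $cache;
	global $phpbb_root_path, $phpEx;
	global $ftp_method, $test_ftp_connection, $test_connection, $sort_key, $sort_dir;

	include "{$phpbb_root_path}includes/functions_transfer.{$phpEx}";
	include "{$phpbb_root_path}includes/editor.{$phpEx}";
	include "{$phpbb_root_path}includes/functions_mods.{$phpEx}";
	include "{$phpbb_root_path}includes/mod_parser.{$phpEx}";

	// start the page
	$user->add_lang(array('install', 'acp/mods'));
	$this->tpl_name = 'acp_mods';
	$this->page_title = 'ACP_CAT_MODS';
	$this->store_dir = $phpbb_root_path . 'store';
	$this->mods_dir = $phpbb_root_path . 'store/mods';

	// get any url vars
	$action = request_var('action', '');
	$mod_id = request_var('mod_id', 0);
	$mod_url = request_var('mod_url', '');
	$parent = request_var('parent', 0);

	//sort keys
	$sort_key = request_var('sk', 't');
	$sort_dir = request_var('sd', 'a');

	$mod_path = request_var('mod_path', '');

	// Make sure $this->mods_dir actually exists.
	// If not try to create it.
	if (!file_exists($this->mods_dir))
	{
		if (!file_exists($this->store_dir) || !is_writable($this->store_dir))
		{
			trigger_error($user->lang['STORE_MISSING'] . adm_back_link($this->u_action), E_USER_WARNING);
		}

		// If we get here store/ exists and is writeable by PHP
		if (!mkdir($this->mods_dir))
		{
			trigger_error(sprintf($user->lang['COULD_NOT_CREATE_DIR'], 'store/mods/') . adm_back_link($this->u_action), E_USER_WARNING);
		}

		if (!phpbb_chmod($this->mods_dir, CHMOD_ALL))
		{
			trigger_error(sprintf($user->lang['COULD_NOT_CHMOD_DIR'], 'store/mods/') . adm_back_link($this->u_action), E_USER_WARNING);
		}
	}

	if ($mod_path)
	{
		// NOTE(review): mod_path is request input and its first segment becomes
		// part of the filesystem roots below with no check that it stays
		// inside store/mods. Confirm install(), delete_mod() and
		// list_details() validate the path before reading, writing or deleting.
		$mod_path = htmlspecialchars_decode($mod_path); // "/my_mod/install.xml" or "/./contrib/blah.xml"
		$mod_dir = substr($mod_path, 1, strpos($mod_path, '/', 1)); // "my_mod/"

		$this->mod_root = $this->mods_dir . '/' . $mod_dir; // "./../store/mods/my_mod/"
		$this->backup_root = "{$this->mod_root}_backups/"; // "./../store/mods/my_mod/_backups/"
		$this->edited_root = "{$this->mod_root}_edited/"; // "./../store/mods/my_mod/_edited/"
	}

	switch ($mode)
	{
		case 'config':
			// The requested transfer method is used as a class name below
			// (class_exists() and call_user_func()), including on plain GET
			// requests before any form-key check. Accept it only when it is
			// one of the methods transfer::methods() reports, so a request
			// cannot name an arbitrary loaded class.
			$ftp_methods = transfer::methods();
			$ftp_method = request_var('ftp_method', $config['ftp_method']);
			if (!$ftp_method || !in_array($ftp_method, $ftp_methods, true) || !class_exists($ftp_method))
			{
				$ftp_method = in_array('ftp', $ftp_methods, true) ? 'ftp' : $ftp_methods[0];
			}

			if (isset($_POST['submit']) && check_form_key('acp_mods'))
			{
				$ftp_host = request_var('host', '');
				$ftp_username = request_var('username', '');
				$ftp_password = request_var('password', ''); // not stored, used to test connection
				$ftp_root_path = request_var('root_path', '');
				$ftp_port = request_var('port', 21);
				$ftp_timeout = request_var('timeout', 10);
				$write_method = request_var('write_method', 0);
				// NOTE(review): both permission strings are stored as submitted;
				// nothing here checks that they are octal modes or rejects
				// world-writable values before they are saved to the config.
				$file_perms = request_var('file_perms', '0644');
				$dir_perms = request_var('dir_perms', '0755');
				$compress_method = request_var('compress_method', '');
				$preview_changes = request_var('preview_changes', 0);

				$error = '';

				if ($write_method == WRITE_DIRECT)
				{
					// the very best method would be to check every file for is_writable
					if (!is_writable("{$phpbb_root_path}common.{$phpEx}") || !is_writable("{$phpbb_root_path}adm/style/acp_groups.html"))
					{
						$error = 'FILESYSTEM_NOT_WRITABLE';
					}
				}
				else if ($write_method == WRITE_FTP)
				{
					// check the correctness of FTP infos
					$test_ftp_connection = true;
					$test_connection = false;
					test_ftp_connection($ftp_method, $test_ftp_connection, $test_connection);

					if ($test_connection !== true)
					{
						$error = $test_connection;
					}
				}
				else if ($write_method == WRITE_MANUAL)
				{
					// the compress class requires write access to the store/ dir
					if (!is_writable($this->store_dir))
					{
						$error = 'STORE_NOT_WRITABLE';
					}
				}

				if (empty($error))
				{
					set_config('ftp_method', $ftp_method);
					set_config('ftp_host', $ftp_host);
					set_config('ftp_username', $ftp_username);
					set_config('ftp_root_path', $ftp_root_path);
					set_config('ftp_port', $ftp_port);
					set_config('ftp_timeout', $ftp_timeout);
					set_config('write_method', $write_method);
					set_config('compress_method', $compress_method);
					set_config('preview_changes', $preview_changes);
					set_config('am_file_perms', $file_perms);
					set_config('am_dir_perms', $dir_perms);

					trigger_error($user->lang['MOD_CONFIG_UPDATED'] . adm_back_link($this->u_action));
				}
				else
				{
					$template->assign_var('ERROR', $user->lang[$error]);
				}
			}
			else if (isset($_POST['submit']) && !check_form_key('acp_mods'))
			{
				trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
			}

			add_form_key('acp_mods');

			// implicit else
			include "{$phpbb_root_path}includes/functions_compress.{$phpEx}";
			foreach (compress::methods() as $compress_method)
			{
				$template->assign_block_vars('compress', array('METHOD' => $compress_method));
			}

			// $ftp_method was restricted to transfer::methods() above.
			$requested_data = call_user_func(array($ftp_method, 'data'));
			foreach ($requested_data as $data => $default)
			{
				$default = !empty($config['ftp_' . $data]) ? $config['ftp_' . $data] : $default;

				$template->assign_block_vars('data', array(
					'DATA'		=> $data,
					'NAME'		=> $user->lang[strtoupper($ftp_method . '_' . $data)],
					'EXPLAIN'	=> $user->lang[strtoupper($ftp_method . '_' . $data) . '_EXPLAIN'],
					'DEFAULT'	=> !empty($_REQUEST[$data]) ? request_var($data, '') : $default,
				));
			}

			$template->assign_vars(array(
				'S_CONFIG'				=> true,
				'U_CONFIG'				=> $this->u_action . '&mode=config',
				'UPLOAD_METHOD_FTP'		=> $config['ftp_method'] == 'ftp' ? ' checked="checked"' : '',
				'UPLOAD_METHOD_FSOCK'	=> $config['ftp_method'] == 'ftp_fsock' ? ' checked="checked"' : '',
				'WRITE_DIRECT'			=> $config['write_method'] == WRITE_DIRECT ? ' checked="checked"' : '',
				'WRITE_FTP'				=> $config['write_method'] == WRITE_FTP ? ' checked="checked"' : '',
				'WRITE_MANUAL'			=> $config['write_method'] == WRITE_MANUAL ? ' checked="checked"' : '',
				'WRITE_METHOD_DIRECT'	=> WRITE_DIRECT,
				'WRITE_METHOD_FTP'		=> WRITE_FTP,
				'WRITE_METHOD_MANUAL'	=> WRITE_MANUAL,
				'AUTOMOD_VERSION'		=> $config['automod_version'],
				'COMPRESS_METHOD'		=> $config['compress_method'],
				'DIR_PERMS'				=> $config['am_dir_perms'],
				'FILE_PERMS'			=> $config['am_file_perms'],
				'PREVIEW_CHANGES_YES'	=> $config['preview_changes'] ? ' checked="checked"' : '',
				'PREVIEW_CHANGES_NO'	=> !$config['preview_changes'] ? ' checked="checked"' : '',
				'S_HIDE_FTP'			=> $config['write_method'] != WRITE_FTP,
			));
		break;

		case 'frontend':
			if ($config['write_method'] == WRITE_FTP)
			{
				// Same allowlist as in the config mode: the value is treated
				// as a class name, so it must be a known transfer method.
				$ftp_methods = transfer::methods();
				$ftp_method = basename(request_var('method', $config['ftp_method']));
				if (!$ftp_method || !in_array($ftp_method, $ftp_methods, true) || !class_exists($ftp_method))
				{
					$ftp_method = in_array('ftp', $ftp_methods, true) ? 'ftp' : $ftp_methods[0];
				}

				$test_connection = false;
				$test_ftp_connection = request_var('test_connection', '');
				if (!empty($test_ftp_connection) || in_array($action, array('install', 'uninstall', 'upload_mod', 'delete_mod')))
				{
					test_ftp_connection($ftp_method, $test_ftp_connection, $test_connection);

					// Make sure the login details are correct before continuing
					if ($test_connection !== true || !empty($test_ftp_connection))
					{
						$action = 'pre_' . $action;
					}
				}
			}

			// store/ must be writable by PHP even when FTP is the write method,
			// for extracting uploaded mod zip files
			if (!is_writable($this->store_dir))
			{
				$template->assign_var('S_STORE_WRITABLE_WARN', true);
			}
			else if ($config['write_method'] != WRITE_FTP && !is_writable($this->mods_dir))
			{
				$template->assign_var('S_MODS_WRITABLE_WARN', true);
			}

			// NOTE(review): no check_form_key()/confirm_box() call is visible
			// here for the state-changing actions; confirm that install(),
			// uninstall(), delete_mod() and upload_mod() enforce one.
			switch ($action)
			{
				case 'pre_install':
				case 'install':
					$this->install($action, $mod_path, $parent);
				break;

				case 'pre_uninstall':
				case 'uninstall':
					$this->uninstall($action, $mod_id, $parent);
					$cache->purge();
				break;

				case 'details':
					$mod_ident = $mod_id ? $mod_id : $mod_path;
					$this->list_details($mod_ident);
				break;

				case 'pre_delete_mod':
				case 'delete_mod':
					$this->delete_mod($action, $mod_path);
				break;

				case 'pre_upload_mod':
				case 'upload_mod':
				default:
					$action = isset($action) ? $action : '';
					if (!$this->upload_mod($action))
					{
						$this->list_installed();
						$this->list_uninstalled();
					}
				break;

				case 'download':
					include $phpbb_root_path . "includes/functions_compress.{$phpEx}";
					$editor = new editor_manual();

					$time = request_var('time', 0);

					// if for some reason the MOD isn't found in the DB...
					$download_name = 'mod_' . $time;

					// The integer default makes request_var() return an int; the
					// cast keeps the query safe if that line is ever changed.
					$sql = 'SELECT mod_name FROM ' . MODS_TABLE . ' WHERE mod_time = ' . (int) $time;
					$result = $db->sql_query($sql);
					if ($row = $db->sql_fetchrow($result))
					{
						// Always use the English name except for showing the user.
						$mod_name = localize_title($row['mod_name'], 'en');
						$download_name = str_replace(' ', '_', $mod_name);
					}

					$editor->compress->download("{$this->store_dir}/mod_{$time}", $download_name);
					exit;
			}

			return;
	}
}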